epistemophiliac/fabric-samples
1
0
Fork 0
mirror of https://github.com/hyperledger/fabric-samples.git synced 2026-06-17 15:35:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
fabric-samples/test-network-k8s/kube/org0/org0-orderer2.yaml
jkneubuh a3ae179efb
test-network-k8s : Connect to Fabric services via Nginx Ingress - READY FOR MERGE (#692) 
* Access the test network services via a local Nginx ingress controller.

Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>

* Run E2E / CI test suite against the Ingress based k8s test network

Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>

* Improved wait for Nginx Ingress - this was causing some test flakes

Signed-off-by: Josh Kneubuhl <jkneubuh@us.ibm.com>
2022-03-31 17:12:51 +01:00

159 lines
4.5 KiB
YAML
Raw Blame History

#
# Copyright IBM Corp. All Rights Reserved.
#
# SPDX-License-Identifier: Apache-2.0
#
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: org0-orderer2-tls-cert
namespace: ${NS}
spec:
isCA: false
privateKey:
algorithm: ECDSA
size: 256
dnsNames:
- localhost
- org0-orderer2
- org0-orderer2.${NS}.svc.cluster.local
- org0-orderer2.${DOMAIN}
- org0-orderer2-admin.${DOMAIN}
ipAddresses:
- 127.0.0.1
secretName: org0-orderer2-tls-cert
issuerRef:
name: org0-tls-cert-issuer
---
apiVersion: v1
kind: ConfigMap
metadata:
name: org0-orderer2-env
data:
FABRIC_CFG_PATH: /var/hyperledger/fabric/config
FABRIC_LOGGING_SPEC: INFO # debug:cauthdsl,policies,msp,common.configtx,common.channelconfig=info
ORDERER_GENERAL_LISTENADDRESS: 0.0.0.0
ORDERER_GENERAL_LISTENPORT: "6050"
ORDERER_GENERAL_LOCALMSPID: OrdererMSP
ORDERER_GENERAL_LOCALMSPDIR: /var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/org0-orderer2.org0.example.com/msp
ORDERER_GENERAL_TLS_ENABLED: "true"
ORDERER_GENERAL_TLS_CERTIFICATE: /var/hyperledger/fabric/config/tls/tls.crt
ORDERER_GENERAL_TLS_ROOTCAS: /var/hyperledger/fabric/config/tls/ca.crt
ORDERER_GENERAL_TLS_PRIVATEKEY: /var/hyperledger/fabric/config/tls/tls.key
ORDERER_GENERAL_BOOTSTRAPMETHOD: none
ORDERER_ADMIN_TLS_ENABLED: "true"
ORDERER_ADMIN_TLS_CERTIFICATE: /var/hyperledger/fabric/config/tls/tls.crt
ORDERER_ADMIN_TLS_ROOTCAS: /var/hyperledger/fabric/config/tls/ca.crt
ORDERER_ADMIN_TLS_PRIVATEKEY: /var/hyperledger/fabric/config/tls/tls.key
# Authenticate client connections with the org's ecert / admin user enrollments
ORDERER_ADMIN_TLS_CLIENTROOTCAS: "[/var/hyperledger/fabric/organizations/ordererOrganizations/org0.example.com/orderers/org0-orderer2.org0.example.com/msp/cacerts/org0-ca.pem]"
ORDERER_FILELEDGER_LOCATION: /var/hyperledger/fabric/data/orderer2
ORDERER_CONSENSUS_WALDIR: /var/hyperledger/fabric/data/orderer2/etcdraft/wal
ORDERER_CONSENSUS_SNAPDIR: /var/hyperledger/fabric/data/orderer2/etcdraft/wal
ORDERER_OPERATIONS_LISTENADDRESS: 0.0.0.0:8443
ORDERER_ADMIN_LISTENADDRESS: 0.0.0.0:9443
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: org0-orderer2
spec:
replicas: 1
selector:
matchLabels:
app: org0-orderer2
template:
metadata:
labels:
app: org0-orderer2
spec:
containers:
- name: main
image: ${FABRIC_CONTAINER_REGISTRY}/fabric-orderer:${FABRIC_VERSION}
imagePullPolicy: IfNotPresent
envFrom:
- configMapRef:
name: org0-orderer2-env
ports:
- containerPort: 6050
- containerPort: 8443
- containerPort: 9443
volumeMounts:
- name: fabric-volume
mountPath: /var/hyperledger
- name: fabric-config
mountPath: /var/hyperledger/fabric/config
- name: tls-cert-volume
mountPath: /var/hyperledger/fabric/config/tls
readOnly: true
volumes:
- name: fabric-volume
persistentVolumeClaim:
claimName: fabric-org0
- name: fabric-config
configMap:
name: org0-config
- name: tls-cert-volume
secret:
secretName: org0-orderer2-tls-cert
---
apiVersion: v1
kind: Service
metadata:
name: org0-orderer2
spec:
ports:
- name: general
port: 6050
protocol: TCP
- name: operations
port: 8443
protocol: TCP
- name: admin
port: 9443
protocol: TCP
selector:
app: org0-orderer2
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-connect-timeout: 60s
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
labels:
app: org0-orderer2
name: org0-orderer2
spec:
ingressClassName: nginx
rules:
- host: org0-orderer2.${DOMAIN}
http:
paths:
- backend:
service:
name: org0-orderer2
port:
name: general
path: /
pathType: ImplementationSpecific
- host: org0-orderer2-admin.${DOMAIN}
http:
paths:
- backend:
service:
name: org0-orderer2
port:
name: admin
path: /
pathType: ImplementationSpecific
tls:
- hosts:
- org0-orderer2.${DOMAIN}
- hosts:
- org0-orderer2-admin.${DOMAIN}
Reference in a new issue View git blame Copy permalink